[Samba] Fwd: ntlm_auth and freeradius
Kees van Vloten
keesvanvloten at gmail.com
Mon Apr 3 15:40:22 UTC 2023
On 03-04-2023 17:18, Tim ODriscoll wrote:
> Hi Kees,
>
> I assume you deployed the wifi profile via GPO?
>
> I wonder if I've got that part wrong, although seeing as I'm getting
> to the ntlm_auth prompt with the correct machine name format (with the
> $ at the end)?
>
> Tim
If you have doubts about the user, you add to /etc/samba/smb.conf on the
domain controllers:
log level = 3 auth_json_audit:3@/var/log/samba/audit.log
The audit.log will tell you exactly who tried what and the result. Very
helpful :-)
As for the wlan profile I use a local xml-file deployed by Ansible and a
script to switch between lan and wlan while keeping the same ip-address.
The wlan profile.xml does not specify the machine name but it is what
windows will try first. You can try without a GPO to setup the wlan
connection manually and you will see it tries the machine credentials
before it prompts you to supply any credentials.
- Kees.
More information about the samba
mailing list